Communications of the ACM
AI Creates False Documents That Fake Out Hackers
Some researchers have proposed using an algorithm to hopelessly confuse hackers once they break in a system, by hiding the real data amid a mountain of convincing fakes.
Credit: Thomas Fuchs
ackers constantly improve at penetrating cyberdefenses to steal valuable documents. So some researchers propose using an artificial-intelligence algorithm to hopelessly confuse them, once they break in, by hiding the real deal amid a mountain of convincing fakes.
The algorithm, called Word Embedding–based Fake Online Repository Generation Engine (WE-FORGE), generates decoys of patents under development. But someday it could "create a lot of fake versions of every document that a company feels it needs to guard," says its developer, Dartmouth College cybersecurity researcher V. S. Subrahmanian.
If hackers were after, say, the formula for a new drug, they would have to find the relevant needle in a haystack of fakes. This could mean checking each formula in detail—and perhaps investing in a few dead-end recipes. "The name of the game here is, 'Make it harder,'" Subrahmanian explains. "'Inflict pain on those stealing from you.'"
Subrahmanian says he tackled this project after reading that companies are unaware of new kinds of cyberattacks for an average of 312 days after they begin. "The bad guy has almost a year to decamp with all our documents, all our intellectual property," he says. "Even if you're a Pfizer, that's enough time to steal almost everything. It's not just the crown jewels—it's the crown jewels, and the jewels of the maid, and the watch of the secretary!"
From Scientific American
View Full Article
No entries found